
WHAT IS CLAIMED IS: 

1 1 . A method for controlling access to a functional unit within a set top 

2 box, comprising: 

3 receiving first information comprising a plurality of functional unit 

4 identifiers and one or more tier requirements respectively related to each functional unit 

5 identifier; 

6 receiving second information comprising tier rights; 

7 correlating the functional unit identifiers to their respective tier 

8 requirements; 

9 interacting with the functional unit; 

10 determining if the respective tier requirements are satisfied by the tier 

fj 11 rights; and 

~; 12 authorizing further interaction with the functional unit. 

yi 1 2. The method for controlling access to the functional unit within the 

ZL 2 set top box of claim 1, further comprising receiving third information that replaces the tier 

3 rights. 

¥* 

fU 1 3. The method for controlling access to the functional unit within the 

r! 2 set top box of claim 1, wherein more than one of the tier rights could authorize further 

O 3 interaction with the functional unit identifier. 

1 4. The method for controlling access to the functional unit within the 

2 set top box of claim 1, authenticating a source of at least one of the first and second 

3 information. 

1 5 . The method for controlling access to the functional unit within the 

2 set top box of claim 1, wherein the functional unit comprises a discrete entity comprising 

3 at least one of software, hardware, drivers, firmware, data, video, and audio. 

1 6. The method for controlling access to the functional unit within the 

2 set top box of claim 1, further comprising receiving a plurality of streaming content 

3 functional units. 
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1 7. The method for controlling access to the functional unit within the 

2 set top box of claim 1, wherein the set top box is integral with an enclosure for a display. 

1 8. A conditional access system for controlling access to functional 

2 units, comprising: 

3 a set top box; 

4 a functional unit associated with the set top box; 

5 a requirements message comprising a functional unit identifier and one or 

6 more tier requirements related to the functional unit identifier, wherein the functional unit 

7 identifier is associated with the functional unit; 

8 a rights message comprising one or more tier rights; and 

9 an authorization function that compares each of the one or more tier 

10 requirements against the one or more tier rights in order to authorize use of the functional 

11 unit. 

1 9. The conditional access system for controlling access to functional 

2 units of claim 8, further comprising an authentication function that authenticates a source 

3 of the rights and requirements messages. 

1 10. The conditional access system for controlling access to functional 

2 units of claim 8, further comprising a data channel between a headend and the set top box, 

3 wherein the data channel is one of bi-directional and omni-directional. 

1 11. The conditional access system for controlling access to functional 

2 units of claim 8, further comprising a second rights message to replace the tier rights. 

1 12. The conditional access system for controlling access to functional 

2 units of claim 8, further comprising a plurality of streaming content functional units sent 

3 from a headend to the set top box. 

1 13. The conditional access system for controlling access to functional 

2 units of claim 8, wherein the functional unit comprises a discrete entity comprising at 

3 least one of software, hardware, drivers, firmware, data, video, and audio. 

1 14. The conditional access system for controlling access to functional 

2 units of claim 8, wherein the set top box is integral to an enclosure for a display. 
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15. A method for controlling access to remotely-located and functional 
units within a conditional access system, comprising: 

determining first and second information to modify authorization of a 
remotely-located and functional unit; 

sending the first information comprising a functional unit identifier and at 
least one tier requirement related to the functional unit identifier; 

sending the second information comprising a tier right; and 

causing modification of an authorization state of the remotely located 
functional unit corresponding to the functional unit identifier. 

16. The method for controlling access to remotely-located and 
functional units within the conditional access system of claim 15, further comprising: 



located and functional unit corresponding to the functional unit identifier. 

17. The method for controlling access to remotely-located and 
functional units within the conditional access system of claim 15, wherein the 
authorization state is one of authorized and unauthorized. 

18. The method for controlling access to remotely-located and 
functional units within the conditional access system of claim 15, further comprising 
generating a signature over at least one of the first and second information. 



functional units within the conditional access system of claim 15, wherein more than one 
tier right could authorize use of the remotely-located and functional unit corresponding to 
the functional unit identifier. 

20. The method for controlling access to remotely-located and 
functional units within the conditional access system of claim 15, further comprising 
sending a plurality of streaming content functional units to a remote location. 

21 . The method for controlling access to remotely-located and 
functional units within the conditional access system of claim 15, wherein the remotely- 



sending third information comprising a replacement tier right; and 
causing further modification of the authorization state of the remotely- 
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The method for controlling access to remotely-located and 
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located and functional unit comprises a discrete entity comprising at least one of software, 
hardware, drivers, firmware, data, video, and audio. 
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